diff --git a/refpolicy/README b/refpolicy/README index 3bf21ff..9b43465 100644 --- a/refpolicy/README +++ b/refpolicy/README @@ -73,7 +73,52 @@ checklabels Check the labels on the filesystem, and report when restorelabels Relabel the filesystem and report each file that is relabeled. -2) Reference Policy Files and Directories + +2) Reference Policy Build Options (build.conf) + +TYPE String. Available options are strict, targeted, + strict-mls, targeted-mls, strict-mcs, and targeted-mcs. + This sets the policy type as strict or targeted, and + optionally enables multi-leve security (MLS) or + multi-category security (MCS) features. This option + controls strict_policy, targeted_policy, enable_mls, + and enable_mcs policy blocks. + +NAME String (optional). Sets the name of the policy; the + NAME is used when installing files to e.g., + /etc/selinux/NAME and /usr/share/selinux/NAME. If not + set, the policy type (TYPE) is used. + +DISTRO String (optional). Enable distribution-specific policy. + Available options are redhat, rhel4, gentoo, debian, + and suse. This option controls distro_redhat, + distro_rhel4, distro_gentoo, distro_debian, and + distro_suse policy blocks. + +MONOLITHIC Boolean. If set, a monolithic policy is built, + otherwise a modular policy is built. + +DIRECT_INITRC Boolean. If set, sysadm will be allowed to directly + run init scripts, instead of requiring the run_init + tool. This is a build option instead of a tunable since + role transitions do not work in conditional policy. + This option controls direct_sysadm_daemon policy + blocks. + +POLY Boolean. If set, policy for polyinstantiated + directories will be enabled. This option controls + enable_polyinstantiation policy blocks. + +OUTPUT_POLICY Integer. Set the version of the policy created when + building a monolithic policy. This option has no effect + on modular policy. + +QUIET Boolean. If set, the build system will only display + status messages and error messages. This option has no + effect on policy. + + +3) Reference Policy Files and Directories All directories relative to the root of the Reference Policy sources directory. Makefile General rules for building the policy. @@ -161,4 +206,4 @@ policy/support/* Support macros. policy/users This file defines the users included in the policy. -support/* Scripts and other tools used to help build the policy. +support/* Tools used in the build process.